Study: Employees Take Security Risks

READING, U.K. -- SurfControl (London: SRF), the leading provider of global on-demand, network and endpoint IT security solutions, today released an international Trust & Risk in the Workplace Study, conducted by Dr. Monica Whitty of Queens University Belfast. The study surveyed 1000 mobile and desktop employees across five countries  Australia, the Netherlands, Singapore, the United Kingdom and the United States  on the risks taken over company networks. The study demonstrates that employees in all regions take security risks, and mobile users take more risks than desktop users.

The study also found that across all activities surveyed, laptop users took more risks than their deskbound colleagues and some laptop users access the Internet through potentially insecure networks. According to the study, two thirds use wireless hotspots.

Almost two thirds of our sample would blame their employer if confidential data was stolen from their work computers, Whitty said. Given that security breaches and careless mistakes can lead to the loss or theft of confidential information, employers should be cautious when it comes to protecting confidential data.

Businesses cannot afford to think that out of sight is out of mind, said Dr. Richard Cullen, chairman of SurfControls global technology strategy council. This research highlights the importance of applying a consistent security strategy across all employees, regardless of where or how they access the corporate network.

The risky activities studied include using USB keys, instant messaging, downloading music and sending confidential information via email. All of these activities have the potential to introduce unwanted content to the network, expose confidential information or compromise legal liability.

The first step to security for organizations worldwide is ensuring that the corporate usage policy is current and relevant to both desktop and mobile users, and that employees understand the importance of the guidelines in place. By layering security solutions across multiple network entry points, organizations can deflect malicious and unwanted content while also exercising granular control of employee usage policies.